By vendor
Altium vulnerabilities
Known CVEs affecting Altium products, prioritized by severity, with SEC.co remediation and detection guidance.
1 published vulnerability
- CVE-2026-11419HIGH 8.8
Altium Enterprise Server contains a flaw in how it validates file paths when users upload images. An authenticated attacker can bypass the normal storage location restrictions and write files anywhere on the server's filesystem. This primitive can be weaponized to inject malicious code, take over the service, or crash it entirely. Cloud-hosted Altium 365 deployments are not vulnerable because the vulnerable upload endpoint is not exposed in that architecture.